[Dshield] vunerability windows
Jonathan C. Webster
jwebster03 at snet.net
Fri Feb 6 18:26:41 GMT 2004
Alan Frayer wrote:
> We were forced to notify recipients when a
> virus was intercepted heading their way,
Is a related issue of FAKE notifications of sending mydoom.a relevant?
In the past weeks I have received two such, claiming I sent Mydoom.A loaded emails to an address in
.tw and one in .au. I did neither. The commonality in these was the Message-Id. (BTW I run Linux on
both boxes in my tiny network.)
Message-Id: <20040129080338.1227660029 at services.ibab.ac.in>
Message-Id: <20040206061034.CA8966007C at services.ibab.ac.in>
So is ibab.ac.in likely the source of the fake notices, or are they stopping email with spoofed
addresses that really did carry Mydoom.A ?
More information about the list